IBGP EBGP Filtering, redistribution, summarization, synchronization, attributes and other advanced features

Similar documents
How To Understand Bg

BGP Link Bandwidth. Finding Feature Information. Prerequisites for BGP Link Bandwidth

BGP Best Path Selection Algorithm

Using the Border Gateway Protocol for Interdomain Routing

BGP Link Bandwidth. Finding Feature Information. Contents

APNIC elearning: BGP Attributes

This feature was introduced. This feature was integrated in Cisco IOS Release 12.2(11)T.

BGP Basics. BGP Uses TCP 179 ibgp - BGP Peers in the same AS ebgp - BGP Peers in different AS's Private BGP ASN. BGP Router Processes

Understanding Route Aggregation in BGP

How To Set Up Bgg On A Network With A Network On A Pb Or Pb On A Pc Or Ipa On A Bg On Pc Or Pv On A Ipa (Netb) On A Router On A 2

BGP4 Case Studies/Tutorial

BGP Terminology, Concepts, and Operation. Chapter , Cisco Systems, Inc. All rights reserved. Cisco Public

Configuring BGP. Cisco s BGP Implementation

BGP: Frequently Asked Questions

Border Gateway Protocol (BGP)

Routing Protocol - BGP

BGP Attributes and Path Selection

Border Gateway Protocol Best Practices

Edge-1#show ip route Routing entry for /24. Known via "bgp 65001", distance 200, metric 0. Tag 65300, type internal

Gateway of last resort is to network

- Route Filtering and Route-Maps -

Internet inter-as routing: BGP

MPLS VPN Route Target Rewrite

- Border Gateway Protocol -

basic BGP in Huawei CLI

Module 7. Routing and Congestion Control. Version 2 CSE IIT, Kharagpur

BGP Support for Next-Hop Address Tracking

Exterior Gateway Protocols (BGP)

Load balancing and traffic control in BGP

APNIC elearning: BGP Basics. Contact: erou03_v1.0

Bell Aliant. Business Internet Border Gateway Protocol Policy and Features Guidelines

Understanding Route Redistribution & Filtering

Multihomed BGP Configurations

Inter-domain Routing Basics. Border Gateway Protocol. Inter-domain Routing Basics. Inter-domain Routing Basics. Exterior routing protocols created to:

Border Gateway Protocol BGP4 (2)

netkit lab bgp: prefix-filtering Università degli Studi Roma Tre Dipartimento di Informatica e Automazione Computer Networks Research Group

Examination. IP routning på Internet och andra sammansatta nät, DD2491 IP routing in the Internet and other complex networks, DD2491

BGP1 Multihoming and Traffic Engineering

BGP Router Startup Message Flow

HP Networking BGP and MPLS technology training

BGP overview BGP operations BGP messages BGP decision algorithm BGP states

BGP as an IGP for Carrier/Enterprise Networks

Internet inter-as routing: BGP

Exam Name: BGP + MPLS Exam Exam Type Cisco Case Studies: 3 Exam Code: Total Questions: 401

Understanding Virtual Router and Virtual Systems

How To Import Ipv4 From Global To Global On Cisco Vrf.Net (Vf) On A Vf-Net (Virtual Private Network) On Ipv2 (Vfs) On An Ipv3 (Vv

Notice the router names, as these are often used in MPLS terminology. The Customer Edge router a router that directly connects to a customer network.

no aggregate-address address mask [as-set] [summary-only] [suppress-map map-name] [advertise-map map-name] [attribute-map map-name]

Configuring BGP. The Cisco BGP Implementation

IPv6 over MPLS VPN. Contents. Prerequisites. Document ID: Requirements

Simple Multihoming. ISP/IXP Workshops

BGP Multipath Load Sharing for Both ebgp and ibgp in an MPLS-VPN

> Border Gateway Protocol (BGP-4) Technical Configuration Guide. Ethernet Routing Switch. Engineering

Load balancing and traffic control in BGP

BSCI Module 6 BGP. Configuring Basic BGP. BSCI Module 6

Configuring Route Maps and Policy-Based Routing

GregSowell.com. Mikrotik Routing

BGP Advanced Features and Enhancements

Application Note. Failover through BGP route health injection

Presentation_ID. 2001, Cisco Systems, Inc. All rights reserved.

Basic Configuration Examples for BGP

Chapter 49 Border Gateway Protocol version 4 (BGP-4)

Simple Multihoming. ISP Workshops. Last updated 30 th March 2015

BGP FORGOTTEN BUT USEFUL FEATURES. Piotr Wojciechowski (CCIE #25543)

Transitioning to BGP. ISP Workshops. Last updated 24 April 2013

--BGP 4 White Paper Ver BGP-4 in Vanguard Routers

Networking. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright Palo Alto Networks

Advanced BGP Policy. Advanced Topics

Example: Advertised Distance (AD) Example: Feasible Distance (FD) Example: Successor and Feasible Successor Example: Successor and Feasible Successor

Monitoring and Troubleshooting BGP Neighbor Sessions

MPLS VPN Implementation

Introduction Inter-AS L3VPN

Interdomain Routing. Project Report

BGP Multihoming. Why Multihome? Why Multihome? Why Multihome? Why Multihome? Why Multihome? Redundancy. Reliability

Network Level Multihoming and BGP Challenges

Chapter 6: Implementing a Border Gateway Protocol Solution for ISP Connectivity

Textbook Required: Cisco Networking Academy Program CCNP: Building Scalable Internetworks v5.0 Lab Manual.

E : Internet Routing

Lecture 18: Border Gateway Protocol"

CS551 External v.s. Internal BGP

Fireware How To Dynamic Routing

Using OSPF in an MPLS VPN Environment

BGP Multihoming Techniques

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

ISP Case Study. UUNET UK (1997) ISP/IXP Workshops. ISP/IXP Workshops. 1999, Cisco Systems, Inc.

Introducing Basic MPLS Concepts

The ISP Column. An Introduction to BGP the Protocol

DD2491 p Load balancing BGP. Johan Nicklasson KTHNOC/NADA

Juniper Exam JN0-343 Juniper Networks Certified Internet Specialist (JNCIS-ENT) Version: 10.1 [ Total Questions: 498 ]

BGP and Traffic Engineering with Akamai. Christian Kaufmann Akamai Technologies MENOG 14

Cisco CCNP Optimizing Converged Cisco Networks (ONT)

Border Gateway Protocol, Route Manipulation, and IP Multicast

Today s Agenda. Note: it takes years to really master BGP Many slides stolen from Prof. Zhi-Li Zhang at Minnesota and from Avi Freedman s slides

Route Discovery Protocols

Introduction to Dynamic Routing Protocols

BGP-4 Case Studies. Nenad Krajnovic.

Module 12 Multihoming to the Same ISP

MPLS-based Layer 3 VPNs

Advanced Routing. FortiOS Handbook v3 for FortiOS 4.0 MR3

Transcription:

I E Filtering, redistribution, summarization, synchronization, attributes and other advanced features Global Knowledge Training LLC A3-1

Route Selection Criteria Prefer highest weight (local to router) Prefer highest local preference (global within AS) Prefer routes that the router originated Prefer shorter AS paths (only length is compared) Prefer lowest origin code (IGP < EGP < Incomplete) Prefer lowest MED Prefer external (E) paths over internal (I) For I paths, prefer path through closest IGP neighbor For E paths, prefer oldest (most stable) path Prefer paths from router with the lower router-id Commonly Used Characters in Expressions. Any single character, including a space * Zero or more sequence of pattern + One or more sequence of pattern? Zero or one occurrence of pattern ^ Beginning of string $ End of string _ Match any delimiter (including beginning, end, space, tab, comma) \ Remove special meaning of character that follows [ ] Match one character in a range Logical OR Global Knowledge Training LLC A3-2

String Matching: Special Characters \ To use the special characters as single-character patterns, remove the special meaning by preceding each character with a backslash (\). How do you match AS 213 in the beginning of the string? (213 317) 1218 316 31 Answer: ^\(213_ String Matching: Repeating Operators * Matches zero or more atoms? Matches zero or one atom + Matches one or more atoms An atom is a single character or a grouping. How do you match AS sequences 23 45 and 23 78 45 in a single regular expression? Answer: _23(_78)?_45_ Global Knowledge Training LLC A3-3

A, B A, B, C, D, F Global Knowledge Training LLC A3-4

A, D G, H, I Global Knowledge Training LLC A3-5

A, B, C, D, G, H, I A, I Global Knowledge Training LLC A3-6

String Matching _100_ Going through AS 100 ^100$ Directly connected to AS 100 _100$ Originated in AS 100 ^100_. Networks behind AS 100 ^ [0-9]+$ ^([0-9]+)(_\1)*$ AS paths one AS long Prepending performed in neighboring originating AS ^$ Networks originated in local AS.* Matches everything Configuring Prefix-Lists router(config)# ip prefix-list list-name [seq seq] {permit deny} network/len [ge value] [le value] Prefix-lists have names and sequence numbers (like routemaps). An entry with no le or ge parameter matches exactly the specified prefix. An entry with an le or ge parameter matches any route within the address space of address/prefix with prefix longer or equal to ge value and shorter than or equal to le value. Global Knowledge Training LLC A3-7

Configuring Prefix-Lists (Cont.) Prefix-list matching rules Prefix-list entries with no ge or le option match only the specified route. Similar to IP access-lists with no wildcard bits Matching also considers subnet mask Which of the following routes will be matched by: ip prefix-list MyList permit 192.168.0.0/16? 192.168.0.0/16 X 192.168.0.0/20 X 192.168.2.0/24 Configuring Prefix-Lists (Cont.) A prefix-list entry with ge or le option matches any prefix within specified address space where the subnet mask falls within specified limits. Which of the following routes will be matched by: ip prefix-list MyList permit 192.168.0.0/16 le 20? X 192.168.0.0/16 192.168.17.0/20 192.168.2.0/24 ip prefix-list MyList permit 192.168.0.0/16 ge 18? X 192.168.0.0/16 192.168.17.0/20 192.168.2.0/24 Global Knowledge Training LLC A3-8

Configuring Prefix-Lists (Cont.) What will be matched by: ip prefix-list A permit 0.0.0.0/0 ge 32 ip prefix-list B permit 128.0.0.0/2 ge 17 ip prefix-list C permit 0.0.0.0/0 le 32 ip prefix-list D permit 0.0.0.0/0 ip prefix-list E permit 0.0.0.0/1 le 24 a) All host routes b) Any subnet in class B address space c) All routes d) Just the default route e) Any prefix in class A address space covering at least 254 addresses Configuring Prefix-Lists (Cont.) What will be matched by: ipv6 prefix-list A permit ::/0 ge 128 ipv6 prefix-list B permit FEC0::/10 ge 11 ipv6 prefix-list C permit ::/0 le 128 ipv6 prefix-list D permit ::/0 ipv6 prefix-list E permit xxxx:xxxx:xxxx:xxxx::/64 a) All host routes b) Any site local address space c) All routes d) Just the default route e) A specific prefix with a length of 64 bits Global Knowledge Training LLC A3-9

Configuring Outbound Route Filtering router(config-router)# neighbor ip-address capability orf prefix-list [receive send both] This command enables negotiation of prefix-list ORF capability during session setup. The ORF-capable speaker will install ORFs per neighbor. Option: Both allows sending and receiving of prefix-lists. Send allows only sending of prefix-lists. Receive allows only receiving of prefix-lists. Sample: Outbound Route Filtering S5#sh run b bgp router bgp 200 neighbor 208.28.1.129 remote-as 100 neighbor 208.28.1.129 send-community both neighbor 208.28.1.129 capability orf prefix-list send neighbor 208.28.1.129 prefix-list ProbD in! ip prefix-list ProbD seq 5 deny 17.80.1.0/24 ip prefix-list ProbD seq 10 permit 0.0.0.0/0 le 32 R2#sh run b bgp router bgp 100 bgp router-id 2.2.2.2 neighbor 208.28.1.130 remote-as 200 neighbor 208.28.1.130 capability orf prefix-list receive! R2#sh ip bgp neighbors 208.28.1.130 receive prefix-filter Address family: IPv4 Unicast ip prefix-list 208.28.1.130: 2 entries seq 5 deny 17.80.1.0/24 seq 10 permit 0.0.0.0/0 le 32 Global Knowledge Training LLC A3-10

Link Bandwidth Feature Used to enable multipath load balancing for external links with unequal bandwidth capacity Enabled under an IPv4 or VPNv4 address family sessions by entering the bgp dmzlink-bw command Routes learned from directly connected external neighbor propagated through the I network with the bandwidth of the source external link Configuring Link Bandwidth bgp dmzlink-bw Router(config-router-af)# bgp dmzlink-bw neighbor ip-address dmzlink-bw Router(config-router-af)# neighbor 172.16.1.1 dmzlink-bw neighbor ip-address send-community [both extended standard] Router(config-router-af)# neighbor 10.10.10.1 send-community extended The bgp dmzlink-bw configures to distribute traffic proportionally to the bandwidth of the link. This command must be entered on each router that contains an external interface that is to be used for multipath load balancing. The neighbor ip-address dmzlink-bw configures to include the link bandwidth attribute for routes learned from the external interface specified IP address. This command must be configured for each e link that is to be configured as a multipath. Global Knowledge Training LLC A3-11

Enabling this command allows the bandwidth of the external link to be propagated through the link bandwidth extended community. The neighbor ip-address send-community [both extended standard] command must be configured for i peers to which the link bandwidth extended community attribute is to be propagated. Link Bandwidth Link Bandwidth Configuration Router A Configuration In the following example, Router A is configured to support i multipath load balancing and to exchange the extended community attribute with i neighbors: Router A(config)# router bgp 100 Router A(config-router)# neighbor 10.10.10.2 remote-as 100 Router A(config-router)# neighbor 10.10.10.2 update-source Loopback 0 Router A(config-router)# neighbor 10.10.10.3 remote-as 100 Router A(config-router)# neighbor 10.10.10.3 update-source Loopback 0 Router A(config-router)# address-family ipv4 Router A(config-router)# bgp dmzlink-bw Router A(config-router-af)# neighbor 10.10.10.2 activate Router A(config-router-af)# neighbor 10.10.10.2 send-community both Router A(config-router-af)# neighbor 10.10.10.3 activate Global Knowledge Training LLC A3-12

Router A(config-router-af)# neighbor 10.10.10.3 send-community both Router A(config-router-af)# maximum-paths ibgp 6 Router B Configuration In the following example, Router B is configured to support multipath load balancing, to distribute Router D and Router E link traffic proportionally to the bandwidth of each link, and to advertise the bandwidth of these links to i neighbors as an extended community: Router B(config)# router bgp 100 Router B(config-router)# neighbor 10.10.10.1 remote-as 100 Router B(config-router)# neighbor 10.10.10.1 update-source Loopback 0 Router B(config-router)# neighbor 10.10.10.3 remote-as 100 Router B(config-router)# neighbor 10.10.10.3 update-source Loopback 0 Router B(config-router)# neighbor 172.16.1.1 remote-as 200 Router B(config-router)# neighbor 172.16.1.1 ebgp-multihop 1 Router B(config-router)# neighbor 172.16.2.2 remote-as 200 Router B(config-router)# neighbor 172.16.2.2 ebgp-multihop 1 Router B(config-router)# address-family ipv4 Router B(config-router-af)# bgp dmzlink-bw Router B(config-router-af)# neighbor 10.10.10.1 activate Router B(config-router-af)# neighbor 10.10.10.1 next-hop-self Router B(config-router-af)# neighbor 10.10.10.1 send-community both Router B(config-router-af)# neighbor 10.10.10.3 activate Router B(config-router-af)# neighbor 10.10.10.3 next-hop-self Router B(config-router-af)# neighbor 10.10.10.3 send-community both Router B(config-router-af)# neighbor 172.16.1.1 activate Router B(config-router-af)# neighbor 172.16.1.1 dmzlink-bw Router B(config-router-af)# neighbor 172.16.2.2 activate Router B(config-router-af)# neighbor 172.16.2.2 dmzlink-bw Router B(config-router-af)# maximum-paths ibgp 6 Router B(config-router-af)# maximum-paths 6 Router C Configuration In the following example, Router C is configured to support multipath load balancing and to advertise the bandwidth of the link with Router E to i neighbors as an extended community: Global Knowledge Training LLC A3-13

Router C(config)# router bgp 100 Router C(config-router)# neighbor 10.10.10.1 remote-as 100 Router C(config-router)# neighbor 10.10.10.1 update-source Loopback 0 Router C(config-router)# neighbor 10.10.10.2 remote-as 100 Router C(config-router)# neighbor 10.10.10.2 update-source Loopback 0 Router C(config-router)# neighbor 172.16.3.30 remote-as 200 Router C(config-router)# neighbor 172.16.3.30 ebgp-multihop 1 Router C(config-router)# address-family ipv4 Router C(config-router-af)# bgp dmzlink-bw Router C(config-router-af)# neighbor 10.10.10.1 activate Router C(config-router-af)# neighbor 10.10.10.1 send-community both Router C(config-router-af)# neighbor 10.10.10.1 next-hop-self Router C(config-router-af)# neighbor 10.10.10.2 activate Router C(config-router-af)# neighbor 10.10.10.2 send-community both Router C(config-router-af)# neighbor 10.10.10.2 next-hop-self Router C(config-router-af)# neighbor 172.16.3.3 activate Router C(config-router-af)# neighbor 172.16.3.3 dmzlink-bw Router C(config-router-af)# maximum-paths ibgp 6 Router C(config-router-af)# maximum-paths 6 Verifying Link Bandwidth The examples in this section show the verification of this feature on Router A and Router B. Router B In the following example, the show ip bgp command is entered on Router B to verify that two unequal cost best paths have been installed into the routing table. The bandwidth for each link is displayed with each route. Router B# show ip bgp 192.168.1.0 routing table entry for 192.168.1.0/24, version 48 Paths: (2 available, best #2) Multipath: e Advertised to update-groups: 1 2 200 172.16.1.1 from 172.16.1.2 (192.168.1.1) Global Knowledge Training LLC A3-14

Origin incomplete, metric 0, localpref 100, valid, external, multipath, best Extended Community: 0x0:0:0 DMZ-Link Bw 278 kbytes 200 172.16.2.2 from 172.16.2.2 (192.168.1.1) Origin incomplete, metric 0, localpref 100, valid, external, multipath, best Extended Community: 0x0:0:0 DMZ-Link Bw 625 kbytes Router A In the following example, the show ip bgp command is entered on Router A to verify that the link bandwidth extended community has been propagated through the i network to Router A. The output shows that a route for each exit link (on Router B and Router C) to autonomous system 200 has been installed as a best path in the routing table. Router A# show ip bgp 192.168.1.0 routing table entry for 192.168.1.0/24, version 48 Paths: (3 available, best #3) Multipath: e Advertised to update-groups: 1 2 200 172.16.1.1 from 172.16.1.2 (192.168.1.1) Origin incomplete, metric 0, localpref 100, valid, external, multipath Extended Community: 0x0:0:0 DMZ-Link Bw 278 kbytes 200 172.16.2.2 from 172.16.2.2 (192.168.1.1) Origin incomplete, metric 0, localpref 100, valid, external, multipath, best Extended Community: 0x0:0:0 DMZ-Link Bw 625 kbytes 200 172.16.3.3 from 172.16.3.3 (192.168.1.1) Origin incomplete, metric 0, localpref 100, valid, external, multipath, best Extended Community: 0x0:0:0 Global Knowledge Training LLC A3-15

DMZ-Link Bw 2500 kbytes Removing Private AS Numbers router(config-router)# neighbor ip-address remove-private-as The command modifies AS-path processing on outgoing updates sent to specified neighbor. Private AS numbers are removed from the tail of the AS path before the update is sent. Private AS numbers followed by a public AS number are not removed. The AS number of the sender is prepended to the AS path after this operation. Global Knowledge Training LLC A3-16

Network Design with Route Reflectors Route reflector rules Route reflector rules divide a transit AS into smaller areas (called clusters). Each cluster contains route reflectors and route reflector clients. Routers that do not support route reflector functionality act as a onerouter cluster or as a route reflector client. I session rules All clients in a cluster must establish I sessions with and only with all route reflectors in the cluster. An I full mesh between all route reflectors within the AS is required. Routers that are not route reflectors can participate in the I full mesh or be route reflector clients. Route reflector reflects A route reflector will reflect from: client to client non-client to client client to non-client Global Knowledge Training LLC A3-17

Configuring Route Reflectors router(config-router)# bgp cluster-id cluster-id Optionally assigns a cluster-id to the route reflector (default value is router-id) Required only for clusters with redundant reflectors Cluster-ID cannot be changed after the first client is configured router(config-router)# neighbor ip-address route-reflector-client Configures an I neighbor to be a client of this reflector Global Knowledge Training LLC A3-18

Confederations Splitting the AS into smaller autonomous systems would reduce the number of sessions, but extra AS numbers are not available. Confederations enable internal AS numbers to be hidden and announce only one (external) AS number to E neighbors. Intra-Confederation Behaves like E session during session establishment The E neighbor has to be directly connected, or you have to configure ebgp-multihop on the neighbor. Behaves like I session when propagating routing updates The local preference, MED, and next-hop attributes are retained. The whole confederation can run one IGP, providing optimal routing based on the next-hop attribute in the routing table. Global Knowledge Training LLC A3-19

Confederation Design Rules I full mesh within each member-as is required. Route reflectors might be used within each AS to relax the I full-mesh requirements. There is no topology limitation on E sessions between autonomous systems within a confederation. The intra-confederation E sessions will follow the physical topology of the network. Configuring Confederations router(config)# router bgp member-as-number Remove the old process and configure process with member-as number router(config-router)# bgp confederation identifier external-as-number Configures external confederation-wide AS number router(config-router)# bgp confederation peers list-of-intra-confederation-as Defines all the other autonomous systems in the confederation Global Knowledge Training LLC A3-20

Scan Time router(config-router)# bgp scan-time scanner-interval This command changes the default value of scanner process runs (default = 60 seconds). The scanner walks the table and confirms the reachability of next hops. The scanner process is also responsible for advanced features such as conditional advertisement check and performing route dampening. Advertisement Interval router(config-router)# neighbor {ip-address peer-group-name} advertisementinterval seconds This command changes the default time interval in the sending of routing updates for a specific neighbor: If lowered, can improve convergence Can consume considerable resources in a jittery network if the value is set too low Default values: 30 seconds for E neighbors 5 seconds for I neighbors Global Knowledge Training LLC A3-21

Peer Group Limitations Peer groups have a number of limitations because of the way that they are used to build updates. Per-neighbor parameters that affect outbound updates cannot be changed for peer group members. I and E neighbors cannot be mixed in a peer group. Configuring Route Dampening router(config-router)# bgp dampening [half-life reuse suppress maxsuppress-time] [route-map map-name] Configures route dampening dampening parameters: half-life Decay time in which the penalty is halved suppress Value when the route starts dampening reuse Value when the dampened route is reused max-suppress-time Maximum time to suppress the route route-map Name of route-map controlling dampening Global Knowledge Training LLC A3-22

Configuring Route Dampening Most Internet service providers use default values: A flapping route is dampened after three successive flaps. A route stays suppressed for approximately 30 minutes. Net result: The route is lost for 30 minutes if a session with a neighbor is cleared three times in succession. Default dampening parameter values are: half-life 15 minutes suppress 2000 reuse 750 max-suppress-time 60 minutes (4x half-life) per-flap penalty 1000 (nonconfigurable) Configuring Route Dampening router(config-route-map)# set dampening half-life reuse suppress max-suppresstime This command sets the dampening parameters for individual routes matched by a route-map entry. Apply this route-map to the bgp dampening command instead of specifying individual parameters. Applications: Less aggressive dampening of routes toward root DNS servers (or other servers) Dampening of smaller prefixes more aggressively Selective dampening based on neighbor and route-map match criteria Global Knowledge Training LLC A3-23

Releasing Dampened Routes router# clear ip bgp ip-address flap-statistics [{regexp regexp} {filter-list list-name} {ip-address network-mask}] Clears the flap statistics but does not release dampened routes router# clear ip bgp dampening [ip-address network-mask] Releases all the dampened routes or just the specified network Flap statistics or dampened routes also cleared when the session with the neighbor is lost Global Knowledge Training LLC A3-24

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information